The purpose of these guidelines is to improve the safety and security of seafarers, the environment, the cargo, and ships. The guidelines aim to assist in the development of a proper cyber risk management strategy in accordance with relevant regulations and best practices on board a ship with a focus on work processes, equipment, training, incident response and recovery management.
The guidelines explain why and how cyber risks should be managed in a shipping context. The supporting documentation required to conduct a risk assessment is listed and the risk assessment process is outlined with an explanation of the part played by each component of cyber risk. This publication highlights the importance of evaluating the likelihood and threat in addition to the impact and vulnerabilities when conducting a cyber risk assessment. Finally, this publication offers advice on how to respond to and recover from cyber incidents.
Guidelines on Cyber Security Onboard Ships, Version Four updates
The new version of the Guidelines outlines further improvements and refinements of shipowners’ cyber security risk assessments and best practices, and includes a section dedicated to improved guidance on risk and risk management. The updated risk model explains the likelihood of a cyber incident as the product of vulnerability and threat, and explains why cyber security should remain a high-priority subject for shipping companies to consider.